If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Wireless and Wired Sniffing - The Basics

Ok so ive decided to give myself a week and concentrate on nothing but sniffing. My goal is basically to become aware of some of the more powerful tools and there options. Im fairly versed in wireshark but only with capturing packets from my card.

Im going to try and cover everything from passive sniffing without connecting, mitm attacks, sniffing while connected to a network, and if i get time how to do it on a wired hub without an ip like streaker69 has suggested.

The end result being a decently in depth how-to on everything ive learned and how to perform each attack that will eventually be posted here.

So im open to any suggestions ... whatever they might be "obviously google" as of rite now the only thing i know how to do is arpspoof and read the packets with tcpdump. I know for a fact there are much more powerful tools that include some advanced viewing options and i would like to explore some of those. So if you have anything you can suggest im all ears. Maybe it was that one link that you saved when you where learning that took you forever to find, or maybe its that special plugin for a tool that makes things so much easier.

Im not looking for spoon feeding as i want to know whats going on, how each attack is performed, how it is allowed to happen, and if possible how to prevent against. Ill be doing most of the research myself but what im looking for are basically some suggestions on where to start or how to make things easer, and maybe a little help if i hit a brick wall.

I have 3 routers and 2 wifi computers in addition to my attack pc with an alfa card. I have already set up a http replay program that will visit random sites "ssl aswell" along with another one that will log me into a ftp server every 5min. I plan on testing out each attack and documenting the results either through video or a simple and easy to follow guide.

If you do have any ideas and you prefer them not being posted feel free to PM me. Im basically just doing this as a learning experience but for the next week i get to be an attacker =]

Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

Get this book: Practical Packet Analysis. (No, it's not one of mine. ) It's about THE best book I've ever read about knowing the details of packets and using Wireshark. It mainly covers wired connections, but does devote a chapter to wireless packet capture, too.

Plus, you can download all the packet captures used in the book, and try all the techniques firsthand.

Get this book: Practical Packet Analysis. (No, it's not one of mine. ) It's about THE best book I've ever read about knowing the details of packets and using Wireshark. It mainly covers wired connections, but does devote a chapter to wireless packet capture, too.

Plus, you can download all the packet captures used in the book, and try all the techniques firsthand.

Thank you, i might try picking this up sometime this weekend, however for this test im going to try and rely on the users here and google.

I really only want to spend a week on this and then later put some more time in it and refine what i learn.

btw to anyone else that reads this ill be running test configs all weekend so if you have some suggestions for setups id love to hear them.

Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

Cool but could you explain what the hell waxing on and off has anything to do with fighting

You should probably sit down and watch the movie again if you don't understand that. I thought it was pretty clear the point they were trying to get across.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Cool but could you explain what the hell waxing on and off has anything to do with fighting

Not a god damned thing.

Originally Posted by streaker69

You should probably sit down and watch the movie again if you don't understand that. I thought it was pretty clear the point they were trying to get across.

Ralph Macchio can't act his way out of a wet paper sack?

Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69